package com.blacktech.dbu.auth.config;

import com.blacktech.dbu.auth.security.RolePermissionInterceptor;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * 权限Web配置类
 * 配置权限相关拦截器等Web相关设置
 *
 * @author Yanyunsong
 */
@Configuration
@RequiredArgsConstructor
public class AuthWebConfig implements WebMvcConfigurer {

    private final RolePermissionInterceptor rolePermissionInterceptor;

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(rolePermissionInterceptor)
                .addPathPatterns("/api/**")
                .excludePathPatterns(
                        "/api/auth/**",
                        "/api/public/**",
                        "/api/admin/**",
                        "/api/users/**",
                        "/api/auth/permissions/**"  // 权限管理API使用Spring Security的@PreAuthorize控制
                );
    }
}